With the advent of, and ever increasing access to, the Internet, computer system security has become important and continues to gain in importance. Typically, information to be accessed via the Internet (for example, but not limited to, a web site having one or more web pages) resides on a computer system, which is connected to the Internet. This computer system is referred to as a “web server.” The computer system maintains the Internet information in a memory and executes what is referred to as a “web server program.” When the web server program is executed, a process corresponding to the web server program is established on the computer. In this manner, those individuals wishing to access the web site over the Internet initiate, from their own computer, a web browser program, connect to the Internet, enter the required uniform resource locator (URL) associated with the web site sought, and then view the web pages corresponding to the web site.
Much information contained on web servers and exchanged over the Internet is confidential in nature. For example, a merchant operating a web site would like to maintain as confidential the credit card information that is received from customers over the Internet and stored on the merchant's web server.
Unfortunately, due to the nature of available web server programs, it can be relatively easy for an unauthorized individual to access a web server through an Internet web site and gain access to confidential information. Furthermore, all programs that execute on a computer have corresponding processes associated therewith. For example, each time a word processing program is initiated on a computer, a corresponding process executes within the computer so that the word processor program may operate. Indeed, each time any computer program is initiated, a corresponding process is launched to enable the program to run. Each process runs in a unique, protected domain encompassing its program code, data and other resources. Each of these processes communicates in what is called the “user mode” through an application program interface (API), with what is known as a “kernel.” Each process initiates “system calls,” through which the process communicates with the kernel in what is referred to as “kernel mode.” When operating in kernel mode, the kernel utilizes certain protected functions of the computer processor (not available to user mode programs) in order to execute functions requested by the process.
Part of the functionality of the kernel is to assign and maintain a list of attributes for each process. Among other uses, the attributes are used by the kernel to perform an access control function, so that, for example, a particular process while executing on behalf of a particular user has access privileges assigned that may be different from those of processes operating on behalf of other users. In many cases, a number of different programs execute in processes that have been assigned identical sets of attributes. In these cases, the kernel is unable to apply different access control criteria to the different processes, and a process may thus be vulnerable to various flaws that can cause it to corrupt data or resources belonging to another process.
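The situation described above can be audited on a running system. The following is an added example, not part of the original text: it assumes a Linux host, where `/proc/<pid>/status` exposes per-process attributes, and treats effective UID, effective GID, supplementary groups and effective capabilities as the attribute set. The status texts and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample input: trimmed /proc/<pid>/status text for five processes.
SAMPLE_STATUS = [
    "Name:\thttpd\nUid:\t48\t48\t48\t48\nGid:\t48\t48\t48\t48\n"
    "Groups:\t48 \nCapEff:\t0000000000000000\n",
    "Name:\thttpd\nUid:\t48\t48\t48\t48\nGid:\t48\t48\t48\t48\n"
    "Groups:\t48 \nCapEff:\t0000000000000000\n",
    "Name:\tphp-cgi\nUid:\t48\t48\t48\t48\nGid:\t48\t48\t48\t48\n"
    "Groups:\t48 \nCapEff:\t0000000000000000\n",
    "Name:\tbackup-agent\nUid:\t48\t48\t48\t48\nGid:\t48\t48\t48\t48\n"
    "Groups:\t48 \nCapEff:\t0000000000000000\n",
    "Name:\tsshd\nUid:\t0\t0\t0\t0\nGid:\t0\t0\t0\t0\n"
    "Groups:\t\nCapEff:\t000001ffffffffff\n",
]

def parse_status(text):
    """Return the 'Key: value' fields of one status document as a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def attribute_key(fields):
    """Attribute set used for comparison (an assumed subset of what the kernel checks)."""
    euid = int(fields["Uid"].split()[1])  # columns: real, effective, saved, fs
    egid = int(fields["Gid"].split()[1])
    groups = frozenset(int(g) for g in fields.get("Groups", "").split())
    cap_eff = int(fields.get("CapEff", "0"), 16)
    return (euid, egid, groups, cap_eff)

def indistinguishable_programs(status_texts):
    """Map each attribute set to the distinct programs sharing it (two or more only)."""
    by_key = defaultdict(set)
    for text in status_texts:
        fields = parse_status(text)
        by_key[attribute_key(fields)].add(fields["Name"])
    return {k: sorted(v) for k, v in by_key.items() if len(v) > 1}

if __name__ == "__main__":
    for (euid, egid, groups, caps), names in indistinguishable_programs(SAMPLE_STATUS).items():
        print(f"euid={euid} egid={egid} groups={sorted(groups)} caps={caps:#x}: {names}")
```

Each reported group is a set of different programs to which the kernel cannot apply different access control criteria on the basis of these attributes alone.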
Therefore, it would be desirable to secure the contents of a program/process, such as a web server program, by compartmentalizing the process in which each program operates and to control the capabilities granted to the process by dynamically assigning a unique differentiable set of attributes to it.